"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "src/network_inspectors/appid/appid_session.h" between
snort3-3.1.28.0.tar.gz and snort3-3.1.29.0.tar.gz

About: Snort 3 is a network intrusion prevention and detection system (IDS/IPS) combining the benefits of signature, protocol and anomaly-based inspection.

appid_session.h  (snort3-3.1.28.0):appid_session.h  (snort3-3.1.29.0)
skipping to change at line 229 skipping to change at line 229
char* tls_cname = nullptr; char* tls_cname = nullptr;
char* tls_org_unit = nullptr; char* tls_org_unit = nullptr;
bool tls_handshake_done = false; bool tls_handshake_done = false;
MatchedTlsType matched_tls_type = MATCHED_TLS_NONE; MatchedTlsType matched_tls_type = MATCHED_TLS_NONE;
}; };
class AppIdSession : public snort::FlowData class AppIdSession : public snort::FlowData
{ {
public: public:
AppIdSession(IpProtocol, const snort::SfIp*, uint16_t port, AppIdInspector&, AppIdSession(IpProtocol, const snort::SfIp*, uint16_t port, AppIdInspector&,
OdpContext&, uint16_t asid = 0); OdpContext&, uint32_t asid = 0);
~AppIdSession() override; ~AppIdSession() override;
static AppIdSession* allocate_session(const snort::Packet*, IpProtocol, static AppIdSession* allocate_session(const snort::Packet*, IpProtocol,
AppidSessionDirection, AppIdInspector&, OdpContext&); AppidSessionDirection, AppIdInspector&, OdpContext&);
static AppIdSession* create_future_session(const snort::Packet*, const snort ::SfIp*, uint16_t, static AppIdSession* create_future_session(const snort::Packet*, const snort ::SfIp*, uint16_t,
const snort::SfIp*, uint16_t, IpProtocol, SnortProtocolId, bool swap_app _direction=false, const snort::SfIp*, uint16_t, IpProtocol, SnortProtocolId, bool swap_app _direction=false,
bool bidirectional=false); bool bidirectional=false);
void initialize_future_session(AppIdSession&, uint64_t); void initialize_future_session(AppIdSession&, uint64_t);
snort::Flow* flow = nullptr; snort::Flow* flow = nullptr;
AppIdConfig& config; AppIdConfig& config;
std::unordered_map<unsigned, AppIdFlowData*> flow_data; std::unordered_map<unsigned, AppIdFlowData*> flow_data;
uint64_t flags = 0; uint64_t flags = 0;
uint16_t initiator_port = 0; uint16_t initiator_port = 0;
uint16_t asid = 0; uint32_t asid = 0;
uint16_t session_packet_count = 0; uint16_t session_packet_count = 0;
uint16_t init_pkts_without_reply = 0; uint16_t init_pkts_without_reply = 0;
uint64_t init_bytes_without_reply = 0; uint64_t init_bytes_without_reply = 0;
IpProtocol protocol = IpProtocol::PROTO_NOT_SET; IpProtocol protocol = IpProtocol::PROTO_NOT_SET;
uint8_t previous_tcp_flags = 0; uint8_t previous_tcp_flags = 0;
// AppId matching service side // AppId matching service side
APPID_DISCOVERY_STATE service_disco_state = APPID_DISCO_STATE_NONE; APPID_DISCOVERY_STATE service_disco_state = APPID_DISCO_STATE_NONE;
skipping to change at line 529 skipping to change at line 529
{ {
return api.client.get_eve_client_app_id(); return api.client.get_eve_client_app_id();
} }
bool use_eve_client_app_id() const bool use_eve_client_app_id() const
{ {
return (api.client.get_eve_client_app_id() > APP_ID_NONE and return (api.client.get_eve_client_app_id() > APP_ID_NONE and
(api.client.get_id() == APP_ID_SSL_CLIENT or api.client.get_id() <= APP_ID_NONE)); (api.client.get_id() == APP_ID_SSL_CLIENT or api.client.get_id() <= APP_ID_NONE));
} }
void set_alpn_service_app_id(AppId id)
{
api.service.set_alpn_service_app_id(id);
}
AppId get_alpn_service_app_id() const
{
return api.service.get_alpn_service_app_id();
}
AppId get_payload_id() const AppId get_payload_id() const
{ {
return api.payload.get_id(); return api.payload.get_id();
} }
void set_payload_id(AppId id) void set_payload_id(AppId id)
{ {
api.payload.set_id(id); api.payload.set_id(id);
} }
 End of changes. 3 change blocks. 
2 lines changed or deleted 12 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)